Comment by bawolff a day ago

6 replies

Two things

SAML itself is sort of a kitchen sink. It includes everything you could possibly ever want, but nobody implements all of it, so you need to figure out the common subset, which defeats the point of a standard.

Second, XMLSignature sucks... like badly. Only part of the response is signed, but there is no standard on which part. It is way too complicated. Having multiple overlapping signatures is crazy. Comments aren't signed but change the meaning of the document. A billion signature types. Etc.

Freak_NL a day ago

XML signatures in SAML suck so much they deserve to be your point one. For functionality at least it's possible to just poke around and see what works with whatever party you're connecting to, but debugging broken signing? With XML signatures it is possible to have it all working with one provider (perhaps a Windows machine running ADFS) and then be unable to verify the signatures from another, and you'll never know where the fault lies.

At least with modern stuff like JWTs the ways to encrypt and sign are well understood.

cmgbhm 18 hours ago

It also supports putting KeyInfo into the document as well, and validates against it by default unless you really know to go out of your way to disable it.

Oh look, another signature issue…

https://github.com/advisories/GHSA-2xp3-57p7-qf4v

When googling for a SAML dependency, if a library doesn’t already have CVEs for this stuff, it’s likely never been tested.

mdaniel 12 hours ago

> Comments arent signed but change meaning of document

Do you have an example of that assertion handy? The only comment-influences-execution behavior I'm aware of is in SQL[1], and I haven't ever seen any XML system (in any business domain) which does what you said.

1: I mean, setting aside linter suppression, which pedantically does impact execution, but I meant of the final software.

  • bawolff 10 hours ago

    https://duo.com/blog/duo-finds-saml-vulnerabilities-affectin... has the full details.

    But basically in some XML APIs, a comment can split a single text node into two adjacent text nodes. Some implementations would only look at the first text node. The original XMLSignature spec (although I think this has been changed) said to remove all comments from the doc before signing it, so the attacker can add arbitrary comments without messing up the signature.

    • mdaniel 3 hours ago

      > so the attacker can add arbitrary comments without messing up the signature.

      Right, I believe you, but the original assertion was "change meaning of document" -- I can likely add arbitrary whitespace, too, under that same "tomato, tomahto" canonicalization path, but how do either of those two insertions benefit the attacker by changing the meaning of the document?

silon42 20 hours ago

Personally I've found one of the few sane uses of XMLSignature is to use only enveloped signatures, where the signature is then removed from the message before processing... also it can be composed by nesting them (carefully).